Obfuscation and Xaml/Baml
Thanks to a forum post "Code Protection and Licensing of WPF Applications", I write this response:
Baml is similar to IL in that it encodes type and member names. Unfortunately, we haven’t documented baml like IL is, so obfuscators can’t easily obfuscate WPF applications.
I believe the best approach today is to exclude from obfuscation any types/members which you define that you need to use in Xaml. If any type/member names change between creating the assembly (with baml) and runtime, the baml hasn’t been updated to refer to the new types.
Unfortunately, we don’t have the baml format published (as we think we will need to change it) and don’t have an adequate API to help obfuscators.
We are investing to improve this in the future. Until then, I’d love to hear:
- best practices to deal with this limitation today
- feedback about how critical it is to improve this
- any other feedback in this area